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25 June 1982 


A. A Description of 4C 


1. The Community-wide Computer-assisted Compartmentation 
Control System (4C) will be: 


a. An on-line Information Storage and Retrieval 
System for storing and retrieving information concerning 
Sensitive Compartmented Information (SCI) accesses held 
by people under the cognizance of all Intelligence 
Community (IC) organizations. 


b. A secure Communications System, for sending and 
receiving information to and from the data base, and 
formatted or free-form messages from terminal to terminal 
within the system. 


c. <A Management Information System, providing' 
information from a single data base needed to manage, 
administer and operate SCI programs as required by the DCI, 
IC managers, managers of NFIB organizations and by super- 
visors (at all levels) responsible for operation of SCI 


programs and activities. [7] 


2. It will be a dedicated system, on-line throughout the 
IC.to major adjudicators, recordkeepers and certifiers of SCI 
accesses. The System will permit timely storage of information 
concerning the granting or termination of accesses, and retrieval 
in a few seconds of such information at locations where it is 
most needed. 


B. A Description of the existing IC System (as of June 1982) 


‘l. The existing system is made up of many independent and 
incompatible parts. There is no single data base containing 
information on all accesses held by all peopke wae Be 
in SCI activities. — 


The -major- NFIB™ organizations. maintain: automated - 

heya reae. ‘to keep -records on their own people; - but some: of. 
these systems are out-of-date, based on punched-card 
technology, and most are not on-line: to their major points 

of recordable actions. Thus, in many cases, it is extremely. | 
difficult and time-consuming to obtain an authentic 
"certification" of an access held by a person in another 
organization. 
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b. A 4C prototype is now in operation within CIA. 

The CIA is currently maintaining records of individuals 

under CIA's SCI security cognizance (CIA employees, employees 
of CIA contractors, employees of non-NFIB agencies/depart- 
ments, and of the Executive and Legislative Branches). Also, 
the CIA is maintaining records for Energy, FBI, Justice, 
Secret Service, State and Treasury until these organizations 
are linked to the system. 


ey. Communications, os... Swot ane oe ee en 


(1) In the existing system "certifications" and 
other messages between SCI recordkeepers, adjudicators . 
and certifiers often follow tortuous routes and take 
much time. There is no Community-wide communications 
network dedicated to the validation/certification of 
SCI accesses with input/output points in the areas (of 
SCI Adjudicators, Recordkeepers or Certifiers) where 

the information is available or where it is used. Each 

- day several hundred validation/certification messages 
arrive at the point of action after a considerable 
number of: people and off-line communications systems 
have been used. Typically, an SCI recordkeeper in one 
organization will validate an individual's clearances, 
type the necessary information in cable format, send it 
via courier to a point where cables are sent to other 
organizations. There the typed cable is controlled, 
processed and transmitted to the cable receiving point 
of addressee, where it is controlled, processed and sent 
by courier to the addressee. Our present system of 
transmitting SCI Access information to the "point of use" 
is labor-intensive and slow; and unnecessarily creates 
the need for and utilization of resources in support 
components (commo and courier) of the sending and re- 
ceiving organizations. 


(2) When time requirements preclude the use of 
cables, validations/certifications are transmitted via 
telephone directly to the "point of use." Such trans- 
missions are subject to the vagaries -- and availability -- 
of secure voice systems; or require particular attention 
to security considerations when using black telephones. 


d. Management Information. With the existing IC system 
it is impossible to acquire an accurate figure for the total 
number of people who hold SI (or any specific access) as of a 
specific date. Very often the same person will be on record 
in two or more NFIB systems with the same access(es). 
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In order to obtain global statistics, dozens of independent 
Systems must be canvassed. Usually, statistics will be 
provided by the different organizations based on reports 
with differing "as of" dates. This is but one example of 
an elementary requirement for management information that 


the existing IC system cannot satisfy. 25X11 
C. Expansion of on-Line Access 
1. The 4C System will cause no increase in the number of 
lech. /ans, -people-wwho-have-access..to information.concerning people who | 
, hold "Special Clearancés." The changes will be:> = 0 7 
a. In the Method of Storage. The information will 
be in one complete, centralized registry as opposed to 
dozens of incomplete registries... 0000. 0. 
, b. In the method of Transmitting Information. Instead — 
ie of "people intervention" and the use of cables, or telephones, 
to transmit information, most recipients will use a terminal 
ae and retrieve the needed information directly from the cen- 
25X1 tralized registry .(4C). [7]. 
aes Zs At the present time each NFIB organization provides 
others with lists of people who are authorized to "pass certifi-. 
cations.'"' The majority of people now on such lists’will be pro- 
vided a password for accessing 4C directly. [ . 25X1 
D. Protective Features of 4C 
1. From its inception, 4C has been designed with a primary 
objective of protecting the information from people who do not 
need it, and providing the information to those who will use it 
for improving the security of SCI programs. aa 25X1 


2. The 4c computer will be a dedicated computer. . It will 
contain only 4C data. There will be no electronic connections 


25X14 with another system. [| . 
| - 3. The 4C data base will be divided into a "Community 
File" and several "Private Files."' "Private Files" will hold 


records of people who are under cover, people who are working 

directly or indirectly under an organization whose existence 

is classified, or people who hold especially sensitive 

"clearances" and/or are employed by organizations whose partici- 

pation in Intelligence activities is sensitive. The system will 

be designed so that only those people with the 'tneed-to-know" 

Will have access to information in the "Private File." [ 25X14 
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4. Each authorized on-line 4C user will be issued a ; 
Sign-on protocol which will require specification of the data 
base, the organization, the “user-ID" and the user's password. 


5. Once the system grants access to an authorized user, 
the system will accept only data presented in a "menu' format. 
The computer will not obey instructions which are not in a 
standard format. Thus, a user's ability to store or retrieve 
data will be limited to the standard activities pre- defined 
as required by that. user. 


Pane -6,---The 4C.. computer will. ‘produce-a- ‘Security: Audit Rerehe 


of attempted illegal signons, and highlighting abnormalities 


from expected usage of the system. ioe eh: 25X1 
7. All information transferred between the computer and 
terminals, or between terminals, will be encrypted. [_ ]. 25X14 


8. The 4C computer and each terminal will be located in 
an accredited SCI facility, which insures optimum physical 
security safeguards. All terminals will be tempest approved. 
All personnel with access will have been investigated and 
adjudicated under DCID 1/14 standards. [| . . 25X11 


9. The classification and SCI. control system for the : . 
totality of information in the 4C data base is yet to be deter- 


mined by a 4C Rules and Procedures Grou -It is expected to 
be no less than[ 


10. All reports containing 4C data, will be generated 
within accredited facilities, and will be appropriately marked, 
wrapped, receipted distributed, used and destroyed under 


proper controls. fer 


E. Why the System. is Being Changed 


1.. The need ay a 4C-type system was stated, initially, 
by such SCI management organizations as the SIGINT. Committee 
and COMERIX. As-the numbers of organizations and individuals 
involved in-SCI increased, the managers found it increasingly 
difficult to obtain timely and reliable information needed for 
purposes of management and control. ia= = 4 . 25X1 


2. As the different operating organizations participated 
in 4C feasibility studies (in 1972 and 1978), it became apparent 
that a 4C-type system could improve the efficiency and effective- 
ness of their operations. ees 
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3. In 1972 and 1978 there was a consensus that the IC 
should develop a 4C-type system, but money was_not made avail- 
able. In FY-81 money needed to establish 4C, - 25X1 
was made available from the IC budget and the money has been 
obligated for development and installation of the system. [| 25x1 


4. The 4C System has replaced the old CIA’system, and 
is designed to-replace automated systems currently maintained 
by Air Force, Army, DIA, Navy, Naval Security Group, PME-106, 
and SAFSP. One system with standard hardware, communications 
equipment and software, will replace the eight automated 
systems.- We are confident that the cost of 4C will be less 
than the total costs of the existing systems. Efforts to 
quantify the savings have been unsuccessful because "experts" 
disagree on methods for computing costs of existing systems. 
Improvements in security will result from 4C's. encrypted 
commo directly to points of use, and from more current, accurate 


and complete information in the data. base ----- factors which 
will also improve operating efficiency. 3 25X1 
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The Community-wide, Computer-assisted Compartmentation 
Control System (4C) is projected to provide a centralized, 
real time electronic data base that lists all personnel with 
compartmented (SCI) access approvals as well as a register 
of all facilities, both governmental and industrial, approved 
to store compartmented material. [| . 25X1 


There currently exists no single record system which 
reflects this type of information. The closest approximation 
to such a system is the data base called SPECLE (Special 
Clearances) maintained by CIA's Office of Security which has _ —— 
over 160,000 names of SCI accessed personnel Community-wide, = 
- but which is admittedly incomplete and outdated. 4C is 
designed to be a Community data base that will replace the 
existing computerized records of NFIB member agencies (SPECLE, 
DIA, Army, Navy, Air Force, etc.) and allow member agencies 
to input the data base (add, change, delete) from their own 
terminals as well as to communicate on the 4C encrypted data 
link. It should result in more efficient use of already SCI 
approved contractor personnel (thus obviating expensive and 
duplicative background investigations), facilitate the 
passage of clearance certifications, eliminate thousands of ae eee 
cables now sent over other communication links each year, 3 
and allow more efficient use of approved facilities. The 
' savings to be realized in freeing existing smaller computer 
systems for other uses are diffcult to quantify but will be 
substantial. 4C will also have an archival capability 
whereby records of formerly accessed but now debriefed 
personnel will be maintained within the 4C system. None of 
the current systems possess such capabilities. This will 
- prove a valuable tool in counterintelligence and damage 
25X1 assessment investigations. . 


This project began in FY80 with minor developmental 

costs incurred. The major dollar costs are projected to 

occur in FY81 with acquisition of major system components 

and the subsequent installation hook-up of these components. 

FY82 will see continuing development, installation and 

start-up costs as well as some maintenance and operational 

costs. Because of the phased implementation schedule for 

the entire system, these costs will continue through FY85, 25X14 
25X1 although at a reduced level. 
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